The expanded security action cycle: a temporal analysis

Willison, Robert and Warkentin, Merrill (2010) The expanded security action cycle: a temporal analysis. In: The Dewald Roode Workshop on Information Systems Security Research, IFIP, 8-9 October 2010, Boston, USA.

Full text not available from this repository. (Request a copy)
Official URL: http://issrc.oulu.fi/ifip/

Abstract

The extant literature analyzing information system security policy violations has primarily focused on accidental or non-malicious noncompliance behavior. The focus is typically on the direct antecedents of behavioral intention, and researchers have applied theories related to planned behavior, adoption, protection motivation, and other cognitive processes. But another class of violation demands greater research emphasis--the intentional commission of computer security policy violation, or computer abuse. Whether motivated by greed, disgruntlement, or other psychological process, this act has the greatest potential for loss and damage to the employer. We argue the focus must include not only the act and its immediate antecedents, but also the cognitive processes leading to the formation of abuse intention, including the motivations and decision processes that may lead up to intention. By presenting three specific examples of how the organization can expand its zone of control further back in time ('to the left of bang'), our framework extends the Straub and Welke (1998) security action cycle. We present the Extended Security Action Cycle, a new theoretic model for illustrating potential organizational impacts on the formation of employees' intention to commit computer abuse within the organization. Implications for practitioners and academic researchers are presented, including guidelines for establishing trust with employees that will foster positive perceptions of organizational justice.

Item Type: Conference or Workshop Item (Paper)
Subjects: N900 Others in Business and Administrative studies
Department: Faculties > Business and Law > Newcastle Business School > Business and Management
Related URLs:
Depositing User: Helen Pattison
Date Deposited: 05 Oct 2012 09:23
Last Modified: 10 Aug 2015 11:03
URI: http://nrl.northumbria.ac.uk/id/eprint/9444

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics


Policies: NRL Policies | NRL University Deposit Policy | NRL Deposit Licence